Scam Alert: 50,000,000 USDT Lost to Spoofing Address Exploit

A cryptocurrency user has lost nearly $50 million due to a costly mistake caused by copying a spoofed address and trusting visual similarity. According to the Lookonchain update, the victim copied the wrong wallet address when he made the crypto transfer.

How attacker exploited “common mistake”

Notably, the victim had done a test run of $50 to his address, which allowed the scammer to spoof the wallet. The exploiter used the same first and last four characters to perform a “poison attack.”

The attack exploited common wallet interfaces that shorten addresses for easy readability.

The spoofed address, which the attacker created, was what the victim mistakenly copied and proceeded to transfer the remaining full $49,999,950. The trap that the attacker set worked, leading to the loss of the funds, as blockchain transactions are irreversible.

A victim (0xcB80) lost $50M due to a copy-paste address mistake.
Before transferring 50M $USDT, the victim sent 50 $USDT as a test to his own address 0xbaf4b1aF…B6495F8b5.
The scammer immediately spoofed a wallet with the same first and last 4 characters and performed an… pic.twitter.com/eGEx2oHiwA
— Lookonchain (@lookonchain) December 20, 2025

This incident emphasizes the need for users to always verify the full address, not just the first and last sets of characters. This is because address poisoning scams have increased significantly in 2025, with malicious attackers looking to exploit any mistakes made by wallet owners.

Experts have always advised against “copy and paste” of addresses from one’s transaction history for convenience.

Such a move could lead to lifting a spoofed address and sending the funds to a different location. Hence, users are cautioned to always pause and verify all transfers at least twice, particularly those involving large sums.

Can collaborative effort curb online exploits?

Some members of the online community have advocated that the crypto sector should normalize smart contracts and whitelist addresses. They also canvassed the need for more awareness campaigns that would constantly educate users about this vulnerability.

You Might Also Like

Earlier in May 2025, leading exchange Coinbase teamed up with law enforcement authorities to prevent spoofing schemes meant to manipulate the market. As highlighted by Coinbase’s Chief Legal Officer Paul Grewal, the spoofing scheme was led by one Chirag Tomar, who had stolen over $20 million from users.

Tomar impersonated the Coinbase exchange and sent fake emails to unsuspecting users and faked official communication to defraud victims. The incident shows the power of collaborative efforts in tackling scams in the crypto industry.

Generally, these malicious actors look for ways to exploit legitimate offers and clone them to trick users.

It might explain the reason Binance, in its recent Dubai event, issued a crucial update to users. It cautioned users against clicking on any link that is not the official Binance Live broadcast channel. The advice was to protect them from falling prey to malicious attackers.

Source: https://u.today/scam-alert-50000000-usdt-lost-to-spoofing-address-exploit